<?php
//admin for the user module

class controller extends controllerBase {

	public function index()
	{
		$title = 'users';
		$content = 'this is the main acp page for the user module';
		
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function edit($id = '')
	{
		if($id == '')	//no user is set
		{
			//show all users for editing
			$query = new Query("SELECT * FROM `users` ORDER BY `id` DESC");
			
			if($query->num_rows() > 0)
			{
				$users = user::RecordSet($query, 'user');
				
				$title = 'edit users';
				$content = '<h2>Edit Users</h2>
							<ul>';
				
				foreach($users as $user)
				{
					$user->getGroup();
					$content .= '<li>' . $user->name . ' :: <a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/edit/' . $user->id . '">Edit</a> | <a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/delete/' . $user->id . '">Delete</a></li>';
				}
			}
		}
		else
		{
			//user is set, edit a single user
			$user = new user($id);
			
			$title = 'edit users :: ' . $user->name;
			$errors = array();
			$edited = false;
			
			if($_POST['submit'])
			{
				//the form has been sent, process
				if($_POST['email'] != $user->email)
				{
					$pEmailQuery = new Query("SELECT `id` FROM `users` WHERE `email` = ?", $_POST['email']);
						if($pEmailQuery->num_rows() > 0)
						{
							$errors[] = 'email-in-use';
						}
						else
						{
							$user->email = $_POST['email'];
						}
				}
				
				if($_POST['username'] != $user->name)
				{
					$user->name = $_POST['username'];
				}
				
				if($_POST['permissions'] != $user->permissions)
				{
					$user->permissions = $_POST['permissions'];
				}
				
				if($_POST['password'] != '')
				{
					$salt = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 16);
					$user->salt = $salt;
					$user->password = md5($salt . sha1($_POST['password']));
				}
				
				if(count($errors) <= 0)
				{
					$user->save();
					$edited = true;
				}
			}
			
			if($edited)
			{
				//redirect
				$content .= 'edit succesful';
			}
			else
			{
				$content = 'edit: ' . $user->name;
				$content .= form::getForm('user_adminEditUser', array($errors, $user));
			}
			
		}
		
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function delete($id = '')
	{
		if($id != '')
		{
			$user = new user($id);
			$user->delete();
			$title = 'delete user';
			$content = 'user deleted';
		}
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function groups()
	{
		//main page for groups
		$title = 'groups';
		$content = '<a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/editGroup">Edit Groups</a><br />';
		$content .= '<a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/addGroup">Add Group</a><br />';
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function addGroup()
	{
		//add a new group
		
		$errors = array();
		$title = 'add group';
		$added = false;
		
		
		if($_POST['submit'])
		{
			$group = new user_group();
			
			#check to make sure the group has a name
			if($_POST['name'] == '')
			{
				$errors[] = 'no-group-name';
			}
			else
			{
				$group->name = $_POST['name'];
			}
			
			#check to see if the group has permissions
			if($_POST['permissions'] == '')
			{
				$errors[] = 'no-group-permissions';
			}
			else
			{
				$group->permissions = $_POST['permissions'];
			}
			
			if(count($errors) <= 0)
			{
				$group->save();
				$added = true;
			}
			
		}
		
		if($added)
		{
			$content = 'user group added';
		}
		else
		{
			$content = form::getForm('user_addGroup', array($errors));
		}
		
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function editGroup($id = '')
	{
		$title = 'edit groups';
		if($id == '')
		{
			//show all groups
			$query = new Query("SELECT * FROM `groups` ORDER BY `id`");
			
			if($query->num_rows() > 0)
			{
				$groups = user_group::recordSet($query, 'user_group');
				
				foreach ($groups as $group)
				{
					$content .= '<li>' . $group->name . ' :: <a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/editGroup/' . $group->id . '">Edit</a> | <a href="' . ROOT_URL .'admin/' . URL_BASE . 'user/deleteGroup/' . $group->id . '">Delete</a></li>';
				}
			}
			else
			{
				$content .= 'no groups';
			}
		}
		else
		{
			//edit a specific group
			$group = new user_group($id);
			
			$title .= ' :: ' . $group->name;
			
			$errors = array();
			$edited = false;
			
			if($_POST['submit'])
			{
				if($_POST['name'] != $group->name)
				{
					$group->name = $_POST['name'];
				}
				
				if($_POST['permissions'] != $group->permissions)
				{
					$group->permissions = $_POST['permissions'];
				}
				
				$group->save();
				$edited = true;
				
			}
			
			if($edited)
			{
				$content = 'group edited';
			}
			else
			{
				$content = form::getForm('user_editGroup', array($errors, $group));
			}
		}
		include(ROOT . 'admin/skin/wrapper.php');
	}
	
	public function deleteGroup($id = '')
	{
		if($id != '')
		{
			$group = new user_group($id);
			$group->delete();
			$content = 'group deleted';
		}
		include(ROOT . 'admin/skin/wrapper.php');
	}
}
?>